$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154248.roa File: AS154248.roa (raw, json) Hash identifier: hytGx3RqwvF+Avm5PJY5szin4/lmXYxEBx0KxQkjcts= Subject key identifier: 16:4F:FB:C1:B9:FF:C4:37:EC:F7:37:1C:E4:FE:BA:DB:F3:6E:BE:B7 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2507CC51D6F38C371FBEEA30285478A461F05A94 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154248.roa Signing time: Sat 02 May 2026 21:30:36 +0000 ROA not before: Sat 02 May 2026 21:25:36 +0000 ROA not after: Sat 01 May 2027 21:30:36 +0000 asID: 154248 IP address blocks: 203.27.34.0/24 maxlen: 24 2001:df6:1640::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:07:cc:51:d6:f3:8c:37:1f:be:ea:30:28:54:78:a4:61:f0:5a:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:25:36 2026 GMT Not After : May 1 21:30:36 2027 GMT Subject: CN=164FFBC1B9FFC437ECF7371CE4FEBADBF36EBEB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:dd:f5:07:ac:b9:2c:67:18:3e:8a:01:ff:bf: ac:a8:a8:4b:32:96:5f:dd:83:0e:0a:0d:dd:33:47: 5d:3a:7a:8c:af:68:79:e6:bd:aa:a9:c3:7b:d5:6b: d1:61:ce:c5:56:00:43:b5:7b:a6:c1:8c:37:26:3d: 43:83:d3:f7:ff:2f:6c:46:48:4b:9d:1b:f2:a8:e5: 87:82:f0:2a:0b:90:bf:12:b2:e6:c5:ba:83:ff:1a: 34:ba:e0:bf:49:47:ab:0c:7a:31:f6:dd:a0:34:54: e4:33:c3:e2:4c:c5:4a:3a:9a:81:a8:0b:3e:63:06: f6:5e:e3:e1:03:5a:96:16:a9:ca:52:54:8f:c6:49: e9:f4:c2:da:ee:9e:04:fa:7a:b2:0d:ca:6b:eb:52: 37:67:39:aa:c8:d6:52:f3:c3:94:80:be:e6:53:e1: ca:17:27:18:e9:57:e6:d5:b5:5a:9f:6a:4f:6a:48: 1b:fc:f0:4e:f6:81:52:72:34:e2:1d:1c:cf:6f:e5: 1e:04:cb:21:38:c3:e9:e7:ff:bd:10:51:5b:a0:47: 49:82:37:90:38:b0:c3:e2:2f:7a:bc:49:00:3c:a1: 3a:31:c0:6c:1a:13:f3:5d:44:3c:08:8a:88:40:64: 23:80:72:f7:0d:4e:02:2e:c8:ec:d1:58:c0:5a:a5: d8:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:4F:FB:C1:B9:FF:C4:37:EC:F7:37:1C:E4:FE:BA:DB:F3:6E:BE:B7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154248.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.27.34.0/24 IPv6: 2001:df6:1640::/48 Signature Algorithm: sha256WithRSAEncryption 01:fb:22:fd:b4:b1:5f:cd:fe:8a:a6:35:04:0b:9c:5f:47:95: a0:02:3a:ec:20:cb:25:b6:b7:00:4f:ac:d7:d2:5e:1b:7b:8c: 87:78:bc:c7:a4:b0:22:43:4f:18:e6:8a:63:db:9e:28:1b:b3: cc:6c:b4:5c:26:40:94:5c:5e:dc:54:13:6a:69:2a:36:c2:ec: 94:f6:fd:92:55:a9:f0:eb:bd:68:f7:b8:6e:1e:18:93:24:0d: 94:d0:9b:0c:94:9c:13:a7:b7:b3:e0:e0:ff:48:d7:0b:97:e7: 23:b0:77:f2:1c:23:72:e9:97:bc:dc:17:d3:50:c0:da:9f:6e: 0d:04:f9:90:5f:5f:a9:d9:34:a8:84:cd:67:5a:d3:30:24:15: 25:bb:f0:6d:1e:e4:0d:f1:d6:11:4e:cc:53:43:af:70:fc:44: c5:ae:38:72:5c:5f:08:aa:8e:70:d2:a5:7f:83:b3:fc:f7:ad: 75:7e:7a:e6:ae:25:0a:c3:76:c8:ab:5b:54:0f:bd:f5:05:a7: bd:02:47:5a:77:fc:21:99:0a:e2:5b:a3:91:8d:be:f4:fb:e4: bf:fc:24:d4:0a:ef:6c:5b:fc:e1:46:ab:d4:65:61:ba:eb:e2: 81:38:f6:fd:6d:f1:d9:5d:4e:5e:b8:ee:21:db:5d:d4:6d:8b: 2a:f2:d2:e6 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUJQfMUdbzjDcfvuowKFR4pGHwWpQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjUzNloX DTI3MDUwMTIxMzAzNlowMzExMC8GA1UEAxMoMTY0RkZCQzFCOUZGQzQzN0VDRjcz NzFDRTRGRUJBREJGMzZFQkVCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANjd9QesuSxnGD6KAf+/rKioSzKWX92DDgoN3TNHXTp6jK9oeea9qqnDe9Vr 0WHOxVYAQ7V7psGMNyY9Q4PT9/8vbEZIS50b8qjlh4LwKguQvxKy5sW6g/8aNLrg v0lHqwx6MfbdoDRU5DPD4kzFSjqagagLPmMG9l7j4QNalhapylJUj8ZJ6fTC2u6e BPp6sg3Ka+tSN2c5qsjWUvPDlIC+5lPhyhcnGOlX5tW1Wp9qT2pIG/zwTvaBUnI0 4h0cz2/lHgTLITjD6ef/vRBRW6BHSYI3kDiww+IverxJADyhOjHAbBoT811EPAiK iEBkI4By9w1OAi7I7NFYwFql2NcCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBQWT/vB uf/EN+z3Nxzk/rrb826+tzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0MjQ4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQAyxsiMA8EAgACMAkDBwAgAQ32FkAwDQYJKoZIhvcNAQELBQADggEBAAH7 Iv20sV/N/oqmNQQLnF9HlaACOuwgyyW2twBPrNfSXht7jId4vMeksCJDTxjmimPb nigbs8xstFwmQJRcXtxUE2ppKjbC7JT2/ZJVqfDrvWj3uG4eGJMkDZTQmwyUnBOn t7Pg4P9I1wuX5yOwd/IcI3Lpl7zcF9NQwNqfbg0E+ZBfX6nZNKiEzWda0zAkFSW7 8G0e5A3x1hFOzFNDr3D8RMWuOHJcXwiqjnDSpX+Ds/z3rXV+euauJQrDdsirW1QP vfUFp70CR1p3/CGZCuJbo5GNvvT75L/8JNQK72xb/OFGq9RlYbrr4oE49v1t8dld Tl647iHbXdRtiyry0uY= -----END CERTIFICATE-----Generated at Sun May 3 00:40:30 2026 by rpki-client